a fingerprint & pin authentication to enhance … 2229-5518 a fingerprint & pin...
TRANSCRIPT
ISSN 2229-5518
A Fingerprint & Pin Authentication to Enhance Security At The Automatic Teller
Machines Dondo Jacqueline Akinyi Madara, Dr. George Okeyo, Dr. Michael Kimwele
Abstract- The need of money can only be satisfied when you are carrying money with you. That also increases
the risk of getting robbed. This research focuses on how to enhance security of transactions in Automatic
Teller Machine system using a multi-factor authentication system (PIN and Fingerprint). This research proposed
a highly secured Automatic Teller Machine banking system using an optimized Advanced Encryption Standard
(AES) algorithm. This research proposes two levels of security. Firstly we consider the security level at the client
side by providing biometric authentication scheme along with a password of 4-digit long. Biometric authentication
is achieved by considering the fingerprint image of the client. Secondly we ensure a secured communication link
between the client machines to the bank server using an optimized energy efficient AES processor. The
fingerprint image is the data for encryption process and 4-digit long password is the symmetric key for the
encryption process. To get a low power consuming Automatic Teller Machine, an optimized AES algorithm is
proposed in this research. In this system biometric and cryptography techniques are used together for personal
identity authentication to improve the security level.
Index Terms- AES Algorithm, AES Processor, ATM, Biometric, Cryptography, Encryption, Fingerprint, Multi-factor
—————————— ——————————
1 INTRODUCTION
1.1 Background
Masquerade attacks and other criminal activities at
ATMs have become a nationwide issue that faces
not only customers, but also bank operators.
According to Richard et al (2006) these financial
crime cases rises repeatedly in recent years. A lot of
criminals tamper with the ATM terminal and steal
customers’ card details by illegal means. Once
users’ bank card is lost and the password is stolen,
the users’ account is vulnerable to attack. Traditional
ATM systems authenticate generally by using a card
(credit, debit, or smart) and a password or PIN which
no doubt has some defects (Amurthy and Redddy
2012). The prevailing techniques of user
authentication, which involves the use of passwords
and user IDs (identifiers), or identification cards and
PINs (personal identification numbers), suffer from
several limitations (Ratha et al 2001). Passwords
and PINs can be illicitly acquired by direct covert
observation. When credit and ATM cards are lost or
stolen, an unauthorized user can often come up with
the correct personal codes.
Many people use easily guessed PIN's and
passwords - birthdays, phone numbers and social
security numbers. The increase use of ATMs has
seen even the illiterate users most of whom write
down their PINs or ask for assistance at the ATMs
exposing their PINs. Recent cases of identity theft
have heightened the need for methods to prove that
someone is truly who he/she claims to be. Biometric
authentication technology may solve this problem
since a person’s biometric data is undeniably
connected to its owner, is nontransferable and
unique for every individual. The system can
compare scans to records stored in a central or local
database or even on a smart card.
Biometrics can be defined as a measurable
physiological and behavioral characteristic (Oxford
English Dictionary) that can be captured and
subsequently compared with another instance at the
time of verification. It is automated methods of
recognizing a person based on a physiological or
behavioral characteristic Ratha et al (2007). It is a
measure of an individual's unique physical or
behavioral characteristics to recognize or
authenticate its identity Schouten and Jacobs
(2009). Common physical biometrics characteristics
include fingerprint, hand or palm geometry, retina,
iris and face while popular behavioral characteristics
are signature and voice. Biometrics technologies
are a secure means of authentication because
biometrics data are unique, cannot be shared,
————————————————
Jaqueline Dondo is currently pursuing masters degree program in Computer Systems in Jomo Kenyatta University of Agriculture & Technology, Kenya, E-mail: [email protected]
Co-Author Dr. Okeyo & Dr. Kimwele are lecturers in Jomo Kenyatta University of Agriculture & Technology, Kenya
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 380
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
cannot be copied and cannot be lost. Bioinformatics
is an interdisciplinary scientific field that develops
methods and software tools for storing, retrieving,
organizing and analyzing biological data. As
globalization, networking, information and digital
era’s coming, the demand of high reliability of our
identity verification is growing. Among the existing
biometric methods, fingerprint biometrics can be
an affordable and accurate authentication
technology that has been already successfully and
widely employed.
This research presents a secured and an energy
efficient ATM banking system that is highly secured
system compared with the existing one. At present
most of the ATM systems use triple data Encryption
Standard (3DES). Which has some drawbacks;
such as, it is vulnerable to differential attacks and
also slow in performance. Ali et. al. (2013) This
research presents security in two ways in which both
the fingerprint image for the client side security and
the AES algorithm for the secured communication in
between. This research presents security in two
ways in which both the fingerprint image for the
client side security and the AES algorithm for the
secured communication in between. Based on
these perspectives, Advanced Encryption Standard
was accepted as a FIPS standard in November
2001, after which AES became the most popular
encryption standard all over the world. A lot of
researchers are working to improve the speed of
AES as well as the other aspects like area, latency,
power etc. To make the AES faster and securer,
some researchers introduced hardware realizations
and s-box optimizations. Today most of the
researchers involving the execution of the Advanced
Encryption Standard (AES) algorithm are fallen into
three areas: ultra-high-speed encryption, very low
power consumption, and algorithmic integrity. Fakir
et. al. (2013)
1.2 Statement of the Problem
Personal banking information is highly sensitive and
users are vulnerable while using ATMs Mohammed
(2015). Keypads in particular have been exploited
by criminals who have installed small cameras or
touch-sensitive overlays, or in some cases have
simply observed users as they have keyed in their
pins Chris (2009). The physical security of users is
also important. ATMs are open late at night but
often have limited security. Users may feel anxiety
and, in those cases, it is best that they complete
their ATM operations as quickly as possible. The
frequency at which ATM fraud is increasing and not
being detected is creating fear, anxiety and loss of
confidence in the banking sector that there is need
to improve the existing user authentication process.
Around 4,000 pages of data containing Cypriot
credit cards were found on a computer belonging to
thieves (New Europe 2008) Devices capable of
scanning bank and credit cards details were placed
on cash machine outside a supermarket in UK (BBC
News, 2006)
1.3 Justification
One of the major problems people face is the loss of
the password and not remembering it again, these
has caused a lot of damage to people and
organizations. ATM fraud has been very common in
all banks and the problems has created fear in many
costumers heart that they prefer going to the bank
to collect their money than to use an ATM, also
many people are illiterate that they don’t know how
to use the ATM card.
In the field of computer security, one of the most
damaging attacks is masquerading, in which an
attacker assumes the identity of a legitimate user in
a computer system. Masquerade attacks typically
occur when an intruder obtains a legitimate user’s
password or when a user leaves their workstation
unattended without any sort of locking mechanism
in place. It is difficult to detect this type of security
breach at its initiation because the attacker appears
to be a normal user with valid authority and
privileges. This difficulty underlines the importance
of equipping computer systems with the ability to
distinguish masquerading attacker actions from
legitimate user activities. Security especially at our
banks has been compromised. There are cases of
impersonation at the ATM machines and it would be
difficult to authenticate someone just with the ATM
card and PIN numbers. The current authentication
systems are characterized by an increasing interest
in biometric techniques. Among these techniques
are face, facial thermo gram, fingerprint, hand
geometry, hand vein, iris, retinal pattern, signature
and voiceprint. All these methods have different
degrees of uniqueness, permanence, measurability,
performance, user’s acceptability and robustness
against circumvention Akwaja (2010) finger print is
the most preferred.
Biometrics-based authentication offers several
advantages over other authentication. Fingerprint
technology in particular, can provide a much
more accurate and reliable user authentication
method. Biometrics is a rapidly advancing field
that is concerned with identifying a person based
on his or physiological or behavioral
characteristics. As the Automated Teller Machines
(ATM) technology is advancing, fraudsters are
devising different skills to beat the security of ATM
operations. Various forms of fraud are perpetuated,
ranging from: ATM card theft, skimming, pin theft,
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 381
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
card reader techniques, pin pad techniques, force
withdrawals and lot more. Managing the risk
associated with ATM fraud as well as diminishing its
impact is an important issue that faces financial
institutions as fraud techniques have become more
advanced with increased occurrences. Considering
the numerous security challenges encountered by
Automated Teller Machines (ATM) and users and
given that the existing security in the ATM system
has not been able to address these challenges,
there is the need to enhance the ATM security
system to overcome these challenges. This
research focuses on how to enhance security of
transactions in ATM system using fingerprint.
Present research deals with new innovative
model for biometric ATMs which replaces card
system by biometric technology for operating
ATMs for example In a bid to address issues of
safety of customers’ funds and avoiding losses
through compromise of Personal Identification
Numbers (PIN), the apex bank, Central Bank of
Nigeria (CBN) is to introduce Biometric
authentication of Point of Sale (PoS) and Automated
Teller Machines (ATMs) by 2015 according to
Leadership New paper (10-07-2013).
1.4 Research Questions
Can the implementation of a multifactor technology
such as use of fingerprint and PIN be utilized as a
useful identifier in improving security at the ATM
machines?
Are there more benefits in using the AES algorithm
in a Bank employing a multifactor security system
that use PIN and fingerprint for their ATMs?
Will the use of biometric system for ATM
authentication be acceptable to the users?
1.5 Objectives
Broad Objective The purpose of this research is to enhance the
security of the existing ATM (Automated Teller
Machine) system by integrating the existing PIN
(Personal Identification Number) with the fingerprint.
Specific objective 1. To identify different areas that a multifactor
security system that use PIN and fingerprint
has been utilized.
2. To propose the use of fingerprint and PIN as
an authentication system in the Bank’s ATM.
3. To propose a low power consuming ATM
machine using the AES algorithm.
1.6 Scope of research
The first milestone of my research is learning the
biometrics especially the use of thumb/figure
recognition. Then we learnt how the PIN verification
methods work. Lastly we propose a multifactor
authentication model system.
1.7 Limitations of the research
Banks don’t not divulge sensitive information about
their scale of operation
Budgetary constraints
The research is based on secondary data taken
from content analysis and not the bank. This was not
accurate.
Security in banking is wide and we have limited our
research to one region. This might not represent the
nature of all banks.
Bias respondents
2 LITERATURE REVIEW
2.1 Introduction
Since security measures at ATM centers play a
significant role in preventing attacks on customers
money, several researches have proposed the used
of fingerprint in a like manner of this research, to
shift from PIN to biometric based security.
Fingerprinting has been the most widely used during
the 20th century. The maturity of Biometric
techniques and generally the dramatic improvement
of the captured devices have led to the research of
fingerprinting in multiple applications but in the last
years, minutiae have been the main type of
algorithm used. The minutiae are relatively stable
and robust to contrast, image resolution and global
distortion as compared to other fingerprint
representation Fatai et al. (2014). Jeroen et al.
(2011) provided a better understanding of the
benefits and limitation of integration of biometrics in
a PIN-base payment authentication system. Based
on their review they proposed a biometric that can
be integrated in a PIN-based authentication
infrastructure by binding a fixed binary, renewable
string to a noisy biometric sample.
2.2 Related studies
The South African Social Security Agency (SASSA)
has introduced a new SASSA Payment Card that
has a fingerprint authenticated features. The card is
a SASSA branded smart payment MasterCard,
which has an embedded chip containing personal
details, fingerprint and secret PIN, with the card the
customers can easily withdraw and make payment
at point-of-sale (POS) center, purchase airtime, pay
water and electricity bill from the accounts, or open
accounts. (SAAS, 2013).
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 382
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
Wang Y. et al (2007) proposed a fingerprint
orientation model based on 2D Fourier expansions
(FOMFE) in the phase plane. Though FOMFE does
not require prior knowledge of singular points, it is
able to describe the overall ridge topology
seamlessly. Fengling et al (2005) proposed a
smartcard based encryption/authentication scheme
for ATM banking system. The first layer of the scheme is used to perform authentication based on
available information on the smartcard. Fingerprint
based authentication via feature and minutiae
matching then followed on the second layer. Das
and Jhunu (2011) focused on vulnerabilities and the
increasing wave of criminal activities occurring at
ATMs and presented a prototype fingerprint
authentication for enhancing security. The systems
adopt the same measure as the current work by
formulating modules for fingerprint enrolment,
enhancement, feature extraction and database and
matching. Santhi and Kumar (2012) proposed an
ATM security enhancing method with secured
Personal Identification Image (PII) process. A
detailed research on various existing biometric
systems is also presented stating the strengths and
limitations. Bhosale and Sawant (2012) and Ibiyemi
et al (2012) present groundbreaking models for
biometric ATMs which replaces card system with
biometric technology. The proposed systems
hybridize feature-based fingerprint, iris and PIN to
provide reliable and fool-proof ATM authentication.
Customers must be convinced that the technologies
provide more benefit than the card-and-PIN system,
which works well, said John Hall, spokesman for the
American Bankers Association. The cards also
serve functions beyond the ATMs, as debit cards
and as advertising for the banks. "Getting that wallet
space is important," said Bill Spence, a biometric
expert with Campbell, Calif.-based Recognition
Systems Inc. The growers wouldn't need to carry
ATM cards, which can be a lure for thieves.
"Biometrics is certainly the most secure form of
authentication," said Avivah Litan, an analyst with
Gartner Inc., a Stamford, Conn.-based technology
analysis firm. "It's the hardest to imitate and
duplicate." Jain, A.et. al. (2000)
However, companies that make automated teller
machines have found budding markets for the
fingerprint technology in South America, where
citizens already are accustomed to the use of
fingerprints for general identification, such as ID
cards they carry. Diebold Inc. of North Canton, Ohio,
has supplied fingerprint-capable ATMs to a bank in
Chile that is using them in a pilot project. Last year
Dayton, Ohio-based NCR Corp. installed 400 of
them in Colombia. BanCafe, Colombia's fifth largest
bank, bought the ATMs at the end of 2002 for added
security for coffee growers and to get them to open
accounts.
Mali et al (2012) provided a network security
framework for real time ATM application using a
combination of PIN, thumb scanning and face
recognition to foster security. The proposed
framework is expected to register thumb and face
features to be stored at a server side in encrypted
format. Authentication is done by decrypting
patterns from database, and matching with input
pattern before access is granted for ATM
operations. The integrated system uses Principal
Component Analysis (PCA) and Eigen algorithm for
face recognition, LSB algorithm for stegnogaphy
and AES algorithm for cryptography. Though the
framework looks promising, its practicality is not
supported by detailed implementation and
evaluation. Abayomi et al (2012) proposed an
enhanced e-banking system where customer can
access multiple accounts over different banks
institutions with a single ATM card with fingerprint
authentication. A match-on-card technique was
used that relies on a one-to-one matching where the
data from the ATM fingerprint sensor is compared
only to the template stored on the user’s ATM card.
This will help in privacy concern of users; the system
will also help the users to have access to multiple
accounts with a single ATM card. It is secured and
help in reducing ATM fraud. This research presents
security in two ways. This design considers the
fingerprint image for the client side security and also
considers the AES algorithm for the secured
communication in between the client and server. A
lot of researchers are working to improve the speed
of AES as well as the other aspects like area,
latency, power etc. To make the AES faster and
securer some researchers introduced hardware
realizations and s-box optimizations. Today most of
the researchers involving the execution of the
Advanced Encryption Standard (AES) algorithm are
fallen into three areas: ultra-high-speed encryption,
very low power consumption, and algorithmic
integrity. Many research works have been done by
different hardware realizations using ASIC and
FPGA technology. Some References present the
fastest FPGA realization of the AES algorithm.
Fingerprint based authentication is more secure,
reliable and standard than the password based
authentication. Finger-scan biometric is based on
the distinctive characteristics of the human
fingerprint. Our existing ATM system is password
based. The limitation of this system is that it fails to
identify the person rather it only identify the card and
password as well as the communication link is not
secured. , which have access to be hacked. The
proposed ATM system is able to overcome this type
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 383
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
of limitations because proposed ATM system is
fingerprint based.
2.3 Identified Gap
AT present most of the ATM systems use triple-data
Encryption Standard (DES) Nawaz et. al.(2013) but
the triple-DES has some drawbacks. It is vulnerable
to differential attacks and also slow in performance.
DES (Data Encryption Standard) has been used as
a de facto standard cipher for more than 20 years.
In 2001, NIST (National Institute of Standards and
Technology) made Rijndael the new standard cipher
AES Daemen and Rijmen (2001), NIST (2001).
Personal banking information is highly sensitive and
users are vulnerable while using ATMs Mohammed
(2015). Keypads in particular have been exploited
by criminals
2.4 A conventional ATM system
ATM is the abbreviation of "Automated Teller
Machine". This machine allows the account holder
to have transactions with their own accounts without
allowing them to access the entire bank's database.
The idea of self-service in retail banking was
developed through independent and simultaneous
efforts in Japan, Sweden, the United Kingdom and
the United States. In the USA, Luther George
Simjian has been credited with developing and
building the first cash dispenser machine. The first
cash dispensing device was used in Tokyo in 1966.
Figure 1 A Conventional ATM System
ATM first came into use in December 1972 in the
UK. IBM 2984 was designed for request of Lloyds
Bank. ATM is typically connected directly to their
hosts or ATM Controller via either ADSL or dial-up
modem over a telephone line or directly via a leased
line. For transaction security all communication
traffic between ATM and transaction process is
encrypted by cryptography. Nowadays, most of ATM
uses a Microsoft OS primarily Windows XP
Professional or Windows XP Embedded or Linux.
2.5 Fingerprint
Fingerprint is a characteristic which is unique for
each person. Every fingerprint contain unique
identifiable piece of information. The uniqueness in
each fingerprint is due to the peculiar genetic code
of DNA in each person. Ridges and valleys are the
parts of fingerprint that provide friction for the skin.
The direction and location of ridges make the
identification. A fingerprint in its narrow sense is an
impression left by the friction ridges of a human
finger. In a wider use of the term, fingerprints are the
traces of an impression from the friction ridges of
any part of a human. There are three types of
fingerprint patterns.
2.6 AES Algorithm
The Rijndael algorithm referred to as the AES
Algorithm, is a symmetric key block cipher that can
process data blocks of 128 bits, using cipher keys
with lengths of 128, 192, and 256 bits. Figure 2
shows that AES has four stages which are required
for every round except that the last round excludes
the mix column phase and the first round has only
key addition.
The four stages of Rijndael algorithm (AES
algorithm) are:
Substitute bytes: This function uses an S-box to
perform a byte-by-byte substitution of the block.
For encryption and decryption, this function is
indicated by SubBytes () and InvSubBytes ()
respectively.
Shiftrows: This is a simple permutation. For
encryption and decryption, this function is
indicated by ShiftRows () and InvShiftRows ()
respectively.
Mix Columns: This is a substitution that makes
use of arithmetic over GF (28), with the
irreducible polynomial “m(x) = x8 + x4 + x3 + x
+1”. For encryption and decryption, this function
is indicated by MixColumns () and
InvMixColumns () respectively.
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 384
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
Add round key: This function does a bitwise
XOR operation of the current block with a
portion of the expanded key. For both
encryption and decryption this function is
indicated by AddRoundKey (). For the
AddRoundKey () stage, the inverse is achieved
by XORing the same round key to the block,
using the result: A ⊕A⊕ B = B.
3 RESEARCH METHODOLOGY
3.1 Introduction
The methodology proposed by Webster and Watson
(2002) was followed. In the subsequent pages of
this chapter, the steps taken to identify relevant
literature is presented, along with the results of this
procedure. The purpose of this research is to
present a secured and an energy efficient ATM
banking system that is highly secured. At present
most of the ATM systems use triple-data Encryption
Standard (DES) but the triple-DES has some
drawbacks. It is vulnerable to differential attacks and
also slow in performance. Nawaz (2013). This
research presents security in two ways, a design
that considers the fingerprint image for the client
side security and also consider the AES algorithm
for the secured communication in between the client
and server. Reducing the power consumption of
AES (Advanced Encryption Standard) circuits is a
critical problem when the circuits are used in
embedded systems. Many circuit architectures for
AES have been proposed recently and their
performances have been evaluated by using ASIC
libraries Kuo et al. (2001), However, most of them
are simple implementations according to the AES
specification, and there is no report of low-power
AES implementations, as far as the authors know.
In this research, we investigated a design
methodology for a low-power AES. Although many
power reduction techniques for IP cores are known
for various design abstraction levels from the
algorithm level to the transistor level Chandrakasan
and Brodersen (2007)[2], we focused on the logic
level (gate level), because the power optimization
techniques at this level can be applied in many
applications. The optimizations at the other levels
cannot be adopted as often, because the AES circuit
is usually used as an IP core in a system, and
changing the algorithm, operator scheduling, data-
path architecture, and/or arrangements of
transistors of the AES is difficult under given
requirements for throughput, clock speed, and
technology library Morioka and Akashi (2014).
Security has become a great issue in every part of
life. Passing of information faces massive problems
due to various types of attacks into the
communication link. The biometric authentication
process adds a new dimension of security for any
person sensitive to authentication. In this chapter
we describe the research methodology of this
research, explain the sample selection, describe the
procedure used in designing the instrument and
collecting the data, and provide an explanation of
the statistical procedures used to analyze the data.
3.2 Research design
A descriptive research methodology is used for this
research because it portrays accurately that most
ATM users have no confidence in the use of PIN as
the only means of identity at the ATM machines, by
conducting a survey and fact finding. We used some
survey methods like comparative and correlation
approach conducting survey on users and also
existing literature. This research has some aspects
of qualitative methods where the users opinions and
attitude is used to come up with the conclusions
about the use of PIN and biometric at the ATM.
Gravetter and Forzano (2011) explain that
descriptive research design involves the
measurement of a variable or a set of variables as
they naturally exist. The research is aimed at
collecting information from respondents in
determining e-learning security issues. Chandran
(2004) notes that descriptive research designs are
used in studies that answers the “who”, “what”,
“when”, “where” and “how” questions. This design
describe what is prevalent in security challenges in
ATM systems. The use of descriptive research
design enabled the description of the identification
Figure 2 Proposed ATM System
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 385
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
of security issues affecting ATM system in banking
sector in Kenya. A survey is administered to a
selected sample from Machakos. The term ‘survey’
is commonly applied to a research methodology
designed to collect data from a specific population,
or a sample from that population, and typically
utilizes a questionnaire or an interview as the survey
instrument (Robson, 1993)
3.3 Research population
The total population of the research is banks that are
in Machakos County. Machakos County has an
estimated population of 1,098,584 people
machakos county profile (2015) which includes five
towns; Athi River, Machakos, Kangundo-Tala,
Kathiani and Masii. The target population is the ATM
users which the researcher is interested in
describing and making statistical inferences about.
It refers to the entire group of individual or objects to
which researchers are interested in generalizing the
conclusion.
3.4 Sample and sampling techniques
For this research, my sampling unit is geographical
where Machakos town is sampled. The
methodology for this research is a stratified random
sample of bank users across the town. Gay (1987)
reports: Random sampling is the best single way to
obtain a representative sample.
3.5 Data collection instruments
This research had two sets of data, the primary data
and the secondary data. The primary data was
collected using questionnaires and personal
interviews directly from the ATM users and a central-
site intercept survey in which potential audience
members were approached in a public area and
asked to respond to a quick questionnaire. The
research was conducted on an existing group,
numerical data is collected Data for this research is
obtained through the following: Questionnaire: this
is administered on the customers and staff of the
selected banks. This involves close-response
questions with only ‘yes’ or ‘no” answers to assist in
carrying out the research. Personal Interview: for all
the technical questions the secondary data is
collected mainly from Library research or content
analysis. This aids in consulting relevant literature
already written on the subject
3.6 Data analysis
Data analysis involved editing, coding, classification
and tabulating of the data collected. The editing is
done by me scrutinizing questionnaires to detect
errors and omissions then translate or rewrite the
responses especially because some handwritings
might not be clear, this was achieved by conducting
a field editing where clarity is made as the data is
being collected. Centralized editing after the data is
collected. The analysis is done by SPSS and there
was need of assigning numerical values to the
answers given during data collection for the sake of
coding and classification using tables to tabulate the
findings to summarize the survey.
Acknowledgments
I thank God almighty for giving me patience,
knowledge and understanding and most importantly
for giving me life. I thank Dr. Kimwele and Dr. Okeyo,
Lecturers at Jomo Kenyatta University of agriculture
and Technology for guiding me through my
research, to my mother Foska Dondo for her
encouragement.
REFERENCES
[1] (AES)”, FIPS Publication 197,
http://csrc.nist.gov/encryption/ aes/index.html,
Nov. 2001.
[2] A.P. Chandrakasan and R.W. Brodersen (eds.),
Low Power Digital CMOS Design, Kluwer
Academic Publishers, 2005.
[3] Abayomi-Alli A., Omidiora E.O., Olabiyisi E.O.,
and Ojo J.A., Enhanced E-Banking System with
Match-On-Card Fingerprint Authentication and
MultiAccount ATM Card. The Journal of
Computer Science and Its Aplication, An
International Journal of the Computer Society of
Nigeria (NCS), V0l. 19, No.2 December, 2012
[4] Akwaja Chima, Nigeria Connects 99 million
Subscribers, Fin. Standard., 2010, 10: 15-512.
[5] ATM scam targets hundreds of credit cards‘,
New Europe, issue: 793, 4 August 2008, From
http://www.neurope.eu/articles/89221.php (last
visited on 20 April 2009).
[6] B, Schouten and B. Jacobs, Biometrics and
their use in e-passport, Image and Vision
Computing vol. 27, pp. 305–312. 2009,
[7] B. Richard and M. Alemayehu, Developing E-
banking Capabilities in a Ghanaian Bank:
Preliminary Lessons. Journal of Internet
Banking and Commerce, vol. 11, no. 2, 2006.
Downloaded March 15, 2012 from
http://www.arraydev.com/commerce/jibc/
[8] Bhosale ST, and Sawant BS, Security in
eBanking via Card-less Biometric ATMS.
International Journal of Advanced Technology &
Engineering Research, 2012, 2: 9-12.
[9] Chris. Christian Science Monitor. ‘Guard your
card: ATM fraud grows more sophisticated’.
July 23, 2003.From
http://www.csmonitor.com/2003/0721/p15s01-
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 386
IJSER © 2017 http://www.ijser.org
IJSER
ISSN 2229-5518
wmcn.html
[10] Das SS, and Jhunu D, Designing a Biometric
Strategy (Fingerprint) Measure for Enhancing
ATM Security in Indian E-Banking System.
International Journal of Information and
Communication Technology Research, 2011,
197-203.
[11] Fatai, O.W., Awotunde, J.B. and Matluko, O.E,
A Novel System of Fingerprint Recognition
Approach for Immigration Control, IOSR
Journal of Computer Engineering (IOSR-JCE)
2278-8727Volume 16, Issue 3, Ver. III (May-
Jun. 2014), PP 39-42.
[12] Fengling H, Jiankun H, Xinhuo Y, Yong F, and
Jie Z, A novel Hybrid Crypto- Biometric
Authentication Scheme for ATM Based Banking
Applications. Lect Notes Comput Sci, 2005,
3832: 675-681.
[13] H. Kuo et al., "Architectural Optimization for a
1.82 Gbits/sec VLSI Implementation of the AES
Rijndael Algorithm," Proc. CHES2001, LNCS
Vol. 2162, pp. 53–67, 2001
[14] http://leadership.ng/news/100713/cashless-
policy-cbnintroduce-biometrics-atms-pos-
2015#sthash .I0I5wd2G.dpuf Leadership New
paper, 10-07-2013.
[15] Ibiyemi T. S, Obaje S. E, and Badejo J
Development of Iris and Fingerprint Biometric
Authenticated Smart ATM Device & Card. 24th
National Conference of the Nigeria Computer
Society (NCS), 2012.
[16] J. Daemen and V. Rijmen, “AES Proposal:
Rijndael,” http://csrc.nist.gov/
encryption/aes/rijndael/Rijndael.pdf.
[17] Jain, A., Hong, L., & Pankanti, S. (2000).
Biometric Identification, Communications of the
ACM, 43(2), p. 91-98.
[18] Jeroen B., Ileana B., Koen G., and Emile K.,
Evaluation of a template protection approach to
integrate fingerprint biometrics in a PIN-based
payment infrastructure, 2011.
[19] Kuykendall, Lavonne and W. A. Lee,
Intermediary Risk? Card Hack Puts OSOs in
the Hot Seat, American Banker, February 21
2003.
[20] M. Theofanos, B. Stanton, and C. A. Wolfson,
Usability & Biometrics: Ensuring Successful
Biometric Systems. National Institute of
Standards and Technology (NIST), 2008.
[21] Machakos county profile, from
http://www.machakosgovernment.com/Machak
osProfile.aspx last visited on 10 October 8,
2015
[22] Mali P, Salunke S, Mane R, and Khatavkar P.,
Multilevel ATM Security Based On Two Factor
Biometrics, 2012, IJERT 1: 8.
[23] N.K. Ratha, J.H. Connell, and R.M. Bolle,
Enhancing Security and Privacy in Biometrics-
based Authentication Systems, IBM Systems
Journal, vol. 40, no. 3, pp. 614-634, 2001.
[24] N.K. Ratha, S. Chikkerur, J.H. Connell and R.M.
Bolle. Generating Cancelable Fingerprint
Templates”, IEEE Transaction on Pattern
Analysis and Machine Intelligence, vol. 29, no.
4, 2007.
[25] National Institute of Standards and Technology
(NIST), “Advanced Encryption Standard
[26] P.K. Amurthy and M.S. Redddy, Implementation
of ATM Security by Using Fingerprint
recognition and GSM, International Journal of
Electronics Communication and Computer
Engineering vol.3, no. 1, pp. 83-86, 2012.
[27] Santhi B, and Kumar RK, Novel Hybrid
Technology in ATM Security Using Biometrics.
Journal of Theoretical and Applied Information
Technology, 2012, 37: 217-223.
[28] Shoppers are targeted in ATM scam‘, BBC
News, 11 March 2006, available at
http://news.bbc.co.uk/2/hi/uk_news/england/te
es/4796002.stm (last visited on 20 April 2009).
[29] Swann, J., Teaching Ethics: It's the Right Thing
to Do. OR/MS Today, 2004, 31:10.
[30] The South African Social Security Agency
(SASSA), A leader in the delivery of social
security services. Re-register to get yours:
SASSA HOUSE 501 Prodinsa Building Cnr
Steve Biko and Pretorius Street Pretoria, 2013.
[31] Travel Guide for Your Finances. ‘Card Fishing
ATM Scam’. Card Fishing ATM Scam.
December 27, 2006. From
http://www.travelfinances.com/blog/index.php/
2006/12/27/card-fishing-atm-scam/
[32] U. Uludag, Secure biometric systems, Ph.D.
dissertation, Michigan State University, 2006.
[33] Wang Y, Hu J, and Phillips D, A fingerprint
orientation model based on 2D Fourier
expansion (FOMFE) and its application to
singular-point detection and fingerprint
indexing. IEEE Trans Pattern Anal Mach Intell,
2007, 29: 573-585.
[34] Webster, J. & Watson, R.T. (2002). Analyzing
the Past to Prepare for the Future: Writing a
Literature Review. MIS Quarterly, 26(2), pp. xiii-
xxiii. West, D.M. (2004).
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 ISSN 2229-5518 387
IJSER © 2017 http://www.ijser.org
IJSER